AI Agent Hacks McKinsey Chatbot in 2 Hours, NPM Phantom Raven, Router Malware & Trojaned AI Models

This episode covers how researchers at CodeWall used an autonomous AI security agent to gain read/write access to McKinsey’s internal chatbot Lilli database in about two hours by chaining exposed APIs and an SQL injection, potentially exposing 46.5 million chats, 728,000 files, 57,000 accounts, and 95 system prompts, with McKinsey saying the issues were fixed and no unauthorized access was found. It also reports on the Phantom Raven supply-chain campaign that published 88 malicious NPM packages using a runtime-downloaded payload to steal developer system data like SSH keys and host details. A study warns that 83% of 800 million compromised passwords still meet complexity rules, highlighting credential-stuffing risk and the need for breach checks and MFA. The show notes 14,000+ routers infected with persistent malware often requiring factory resets plus hardening, and discusses Trojan backdoors embedded in AI models that trigger misbehavior under specific inputs, calling for new AI security testing and validation.

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that’s built for performance and scale. You can find them at Meter.com/cst

00:00 Sponsor Meter Intro
00:20 Headlines And Welcome
00:55 AI Agent Hacks McKinsey Bot
03:44 Phantom Raven NPM Malware
05:55 Strong Passwords Still Leaked
07:55 Router Malware That Persists
09:36 Trojan Backdoors In AI Models
12:01 Call For AI Backdoor Research
12:30 Sponsor Meter Outro
13:13 Sign Off